Manage your information system security

Compliance without revolution (GRC)

Image

Presentation of our offer

What does our information security offer include?

Our objective: continuous improvement of your security and availability while respecting your existing systems and constraints.

Assessing your ISS

We survey your ISS maturity and practices

  • What are your business processes?

  • What are your main risks?

  • What are the standards in your industry?

We analyze your company's processes, risks and ISS practices.
We identify potential vulnerabilities with the team.

Creating a document repository

Security standards recommend integrating the security dimension upstream of projects in the design phases, as a part of a Security by design approach.

Documentation must be drafted for :

  • Insurance companies (in support of questionnaires)

  • Clients (certification elements)

  • Service providers internal (understanding of security issues and pratices)

Defining and implementing an improvement plan

This includes identifying the technical or organizational actions to be taken. We implement this plan with the customer's service providers (project mode, delegated project management mode). And we monitor it.

Writing up your ISSP

We draw up your information systems security policy.

We assist you in setting up processes and monitoring dashboards accordingly.

Benefits

How Isitix can help you secure your infrastructures

Our offer has been designed to meet the ever-changing needs of our customers.

We bring you our experience in security architecture and organization.

In this way, we integrate the functional bricks best suited to your existing systems, such as:

  • IDS, IPS, SIEM, EDR

  • Backup and recovery plan

  • Identity access management

We also reconcile the formal aspects of security standards, ISO, PCI-DSS and your organization's operational security.

  • Find pragmatic solutions that integrate with your existing systems to strengthen your ISS, and invest where necessary

  • Formalize your ISS pratices, assess your level of ISS protection and be able to comply with your customers ISS framework

  • Prepare for ISO27001, PCI-DSS, HDS or other certification depending on the clients requirements

  • Anticipate problems and learn how to manage incidents and crises

Information Security Policy

Download the index of an Information Security Policy document, written by our team

Download PDF file

Case study

A start-up in the digital

Customer issues

Formalize its security and adapt it to the needs of key account customers and prospects.

The context is that of a start-up with small teams and limited resources.

Context and constraints

This start-up markets a digital service to key accounts.

Business growth and the strategic importance of the service for their customers led them to audit the start-up and provide it with security questionnaires and a framework to respect.

4 elements must be taken into account:

  • A small team and limited resources with little key account culture

  • A complex and evolving technological environment

  • Highly formalized customer requirements and significant risks

  • A certain urgency

Proposed solution

We draw up a safety policy that is as close as possible to the existing situation and available resources, but in line with customer requirements.

At the same time, we maintain an inventory of discrepancies and work to be carried out or in progress. And we urgently carry out projects concerning the most significant deviations.

A number of projects have therefore been carried out:

  • Interviewing teams and collecting existing data

  • Definition of the ISSP plan and joint drafting with internal teams

  • Gap identification and monitoring, workload and security operating processes

  • Creation of an audit repository

The gain

Isitix's intervention enabled the start-up to break a deadlock. The start-up obtains the customer's stamp without going out of business, while continuing to produce.


Our service enabled the start-up to adopt a formalized security approach, while meeting the expectations of its major customers.

You have a project?